#!/usr/bin/env bash
#
### BEGIN INIT INFO
# Provides: cuttlefish-operator
# Required-Start: $network $remote_fs
# Required-Stop: $network $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Cuttlefish Host Orchestrator service
# Description: The Host Orchestrator service provides the signaling
#              server used by all cuttlefish instances running in this
#              host as well as orchestration capabilities.
### END INIT INFO
#
# Copyright (C) 2021 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Make sure calls to this script get redirected to systemctl when
# using systemd

. /lib/lsb/init-functions

if [ -f /etc/default/cuttlefish-operator ]; then
    . /etc/default/cuttlefish-operator
fi

RUN_DIR="/run/cuttlefish"
ASSET_DIR="/usr/share/cuttlefish-common/operator"
DAEMON="/usr/lib/cuttlefish-common/bin/operator"
PIDFILE="${RUN_DIR}"/operator.pid

gen_cert() {
  operator_tls_cert_dir=${operator_tls_cert_dir:-/etc/cuttlefish-common/operator/cert}
  CERT_FILE="${operator_tls_cert_dir}/cert.pem"
  KEY_FILE="${operator_tls_cert_dir}/key.pem"
  if [ -f "$CERT_FILE" ] && [ -f "$KEY_FILE" ]; then
    echo "TLS certificate files for https communication already exist."
  else
    mkdir -p "${operator_tls_cert_dir}"
    openssl req \
      -newkey rsa:4096 \
      -x509 \
      -sha256 \
      -days 36000 \
      -nodes \
      -out "${CERT_FILE}" \
      -keyout "${KEY_FILE}" \
      -subj "/C=US"
    chown _cutf-operator:cvdnetwork "${CERT_FILE}"
    chown _cutf-operator:cvdnetwork "${KEY_FILE}"
  fi
}

start() {
  gen_cert
  mkdir -p "${RUN_DIR}"
  chown _cutf-operator:cvdnetwork "${RUN_DIR}"
  chmod 775 "${RUN_DIR}"

  args=()
  if [[ -n "${operator_http_port}" ]]; then
    args+=(--http_port="${operator_http_port}")
  fi
  if [[ -n "${operator_https_port}" ]]; then
    args+=(--https_port="${operator_https_port}")
  fi
  if [[ -n "${operator_tls_cert_dir}" ]]; then
    args+=(--tls_cert_dir="${operator_tls_cert_dir}")
  fi
  args+=(--socket_path="${RUN_DIR}"/operator)
  if [[ -n "${operator_webui_url}" ]]; then
    args+=(--webui_url="${operator_webui_url}")
  fi
  if [[ -n "${operator_listen_address}" ]]; then
    args+=(--listen_addr="${operator_listen_address}")
  fi

  start-stop-daemon --start \
    --pidfile "${PIDFILE}" \
    --chuid _cutf-operator:cvdnetwork \
    --chdir "${ASSET_DIR}" \
    --background --no-close \
    --make-pidfile \
    --exec "${DAEMON}" -- "${args[@]}"
}

stop() {
  start-stop-daemon --stop \
    --pidfile "${PIDFILE}" \
    --remove-pidfile \
    --exec "${DAEMON}"
  # The presence of the socket will cause devices to try to connect to it
  # instead of starting their own signaling servers, so it needs to be removed
  # once the service isn't running.
  unlink "${RUN_DIR}"/operator
}

status() {
  # Return
  #   0 if daemon is running
  #   1 if daemon is dead and pid file exists
  #   3 if daemon is not running
  #   4 if daemon status is unknown
  start-stop-daemon --start --quiet --pidfile "${PIDFILE}" --exec ${DAEMON} --test > /dev/null
  case "${?}" in
    0) [ -e "${PIDFILE}" ] && return 1 ; return 3 ;;
    1) return 0 ;;
    *) return 4 ;;
  esac
}

usage() {
    echo $0: start\|stop\|status
}

if test $# != 1; then
    usage
else
    case "$1" in
        --help)
            usage 0
            ;;
        start|stop|status)
            "$1"
            ;;
        restart|force-reload|condrestart|try-restart)
            stop && start
            ;;
        reload)
            # Nothing to do
            ;;
        shutdown)
            stop
            ;;
        *)
            usage
            ;;
    esac
fi
exit 0
